Google Git
Sign in
apache / cloudstack / 3674e80219d0be9e940bd948060fa10a467e4b7e / . / test / metadata / func / securitygroups.xml
blob: 3ecffbf846755e41b8aa2eb580a2ec3e633b2bda [file] [log] [blame]
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<securitygroups>
<!--
STEPS/TEST CASES COVERED:
2. Create a User and its Account
2. Register User Keys
3. Deploy a VM in the account
4. Acquire an IP Address
5. Release the IP Address
6. Reboot the VM
7. Stop the VM
8. Start the VM
9. List Routers
10. Stop Router
11. List Router
12. Start Router
13. Destroy VM
14. Verify that vm is destroyed
15. Recover virtual machine
16. Verify that vm is destroyed
17. Delete Account
-->
<command>
<name>createUser</name>
<testcase>Create User and Account</testcase>
<parameters>
<item random="true">
<name>username</name>
</item>
<item>
<name>password</name>
<value>apiuser</value>
</item>
<item>
<name>firstname</name>
<value>apiuser</value>
</item>
<item>
<name>lastname</name>
<value>apiuser</value>
</item>
<item>
<name>email</name>
<value>apiuser@gmail.com</value>
</item>
<item>
<name>accounttype</name>
<value>0</value>
</item>
</parameters>
<returnvalue>
<item setparam="true">
<name>id</name>
<param>userid</param>
</item>
<item setparam="true">
<name>account</name>
<param>accountname</param>
</item>
</returnvalue>
</command>
<command>
<name>registerUserKeys</name>
<testcase>Registering the User</testcase>
<parameters>
<item getparam="true">
<name>id</name>
<param>userid</param>
</item>
</parameters>
<returnvalue>
<item setparam="true">
<name>apikey</name>
<param>apikey</param>
</item>
<item setparam="true">
<name>secretkey</name>
<param>secretkey</param>
</item>
</returnvalue>
</command>
<command>
<name>createNetworkGroup</name>
<usercommand>true</usercommand>
<testcase>Create a Network Group</testcase>
<parameters>
<item setparam="true" random="true">
<name>name</name>
<param>networkgrp-1</param>
</item>
</parameters>
</command>
<!-- FIRST INGRESS RULE -->
<command>
<name>authorizeNetworkGroupIngress</name>
<testcase>Add the First Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.131.171/32</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>22</value>
</item>
<item>
<name>startport</name>
<value>22</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<command>
<name>deployVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Deploy a VM with the Network Group Assigned</testcase>
<parameters>
<item getparam="true">
<name>zoneid</name>
<param>globalzoneid</param>
</item>
<item getparam="true">
<name>serviceofferingid</name>
<param>flatnetworkserviceofferingid</param>
</item>
<item getparam="true">
<name>networkgrouplist</name>
<param>networkgrp-1</param>
</item>
<item getparam="true">
<name>templateid</name>
<param>globaltemplateid</param>
</item>
</parameters>
<returnvalue>
<item setparam="true">
<name>id</name>
<param>vmid</param>
</item>
<item setparam="true">
<name>ipaddress</name>
<param>vmip</param>
</item>
</returnvalue>
</command>
<command>
<name>sleep.sh</name>
<script>true</script>
<testcase>Sleep for 2 min</testcase>
<parameters>
<item>
<name>s</name>
<value>120</value>
</item>
</parameters>
</command>
<command>
<name>ssh.sh</name>
<script>true</script>
<testcase>Ssh access test for the VM</testcase>
<parameters>
<item getparam="true">
<name>h</name>
<param>vmip</param>
</item>
<item>
<name>p</name>
<value>password</value>
</item>
</parameters>
</command>
<command>
<name>sleep.sh</name>
<script>true</script>
<testcase>Sleep for 1 min</testcase>
<parameters>
<item>
<name>s</name>
<value>60</value>
</item>
</parameters>
</command>
<command>
<name>stopVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Stopping VM</testcase>
<parameters>
<item getparam="true">
<name>id</name>
<param>vmid</param>
</item>
</parameters>
</command>
<command>
<name>startVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Starting VM</testcase>
<parameters>
<item getparam="true">
<name>id</name>
<param>vmid</param>
</item>
</parameters>
</command>
<command>
<name>rebootVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Rebooting VM</testcase>
<parameters>
<item getparam="true">
<name>id</name>
<param>vmid</param>
</item>
</parameters>
</command>
<command>
<name>revokeNetworkGroupIngress</name>
<testcase>Revoke The First Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.131.171/32</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>22</value>
</item>
<item>
<name>startport</name>
<value>22</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<command>
<name>ssh.sh</name>
<script>true</script>
<error>true</error>
<testcase>Ssh access test for the vm - should fail as ingress rule is revoked</testcase>
<parameters>
<item getparam="true">
<name>h</name>
<param>vmip</param>
</item>
<item>
<name>p</name>
<value>password</value>
</item>
</parameters>
</command>
<!-- SECOND INGRESS RULE -->
<command>
<name>authorizeNetworkGroupIngress</name>
<testcase>Add the Second Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.131.172/32</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>22</value>
</item>
<item>
<name>startport</name>
<value>22</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<command>
<name>deployVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Deploy a VM with the Network Group Assigned</testcase>
<parameters>
<item getparam="true">
<name>zoneid</name>
<param>globalzoneid</param>
</item>
<item getparam="true">
<name>serviceofferingid</name>
<param>flatnetworkserviceofferingid</param>
</item>
<item getparam="true">
<name>networkgrouplist</name>
<param>networkgrp-1</param>
</item>
<item getparam="true">
<name>templateid</name>
<param>globaltemplateid</param>
</item>
</parameters>
<returnvalue>
<item setparam="true">
<name>id</name>
<param>vmid</param>
</item>
<item setparam="true">
<name>ipaddress</name>
<param>vmip</param>
</item>
</returnvalue>
</command>
<command>
<name>sleep.sh</name>
<script>true</script>
<testcase>Sleep for 2 min</testcase>
<parameters>
<item>
<name>s</name>
<value>120</value>
</item>
</parameters>
</command>
<command>
<name>ssh.sh</name>
<script>true</script>
<error>true</error>
<testcase>Ssh test for the vm - should fail as no access provided by ingress rule</testcase>
<parameters>
<item getparam="true">
<name>h</name>
<param>vmip</param>
</item>
<item>
<name>p</name>
<value>password</value>
</item>
</parameters>
</command>
<command>
<name>revokeNetworkGroupIngress</name>
<testcase>Revoke The Second Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.131.172/32</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>22</value>
</item>
<item>
<name>startport</name>
<value>22</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<!-- THIRD INGRESS RULE -->
<command>
<name>authorizeNetworkGroupIngress</name>
<testcase>Add the Third Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.131.0/24</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>80</value>
</item>
<item>
<name>startport</name>
<value>80</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<command>
<name>deployVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Deploy a VM with the Network Group Assigned</testcase>
<parameters>
<item getparam="true">
<name>zoneid</name>
<param>globalzoneid</param>
</item>
<item getparam="true">
<name>serviceofferingid</name>
<param>flatnetworkserviceofferingid</param>
</item>
<item getparam="true">
<name>networkgrouplist</name>
<param>networkgrp-1</param>
</item>
<item getparam="true">
<name>templateid</name>
<param>globaltemplateid</param>
</item>
</parameters>
<returnvalue>
<item setparam="true">
<name>id</name>
<param>vmid</param>
</item>
<item setparam="true">
<name>ipaddress</name>
<param>vmip</param>
</item>
</returnvalue>
</command>
<command>
<name>sleep.sh</name>
<script>true</script>
<testcase>Sleep for 2 min</testcase>
<parameters>
<item>
<name>s</name>
<value>120</value>
</item>
</parameters>
</command>
<command>
<name>ssh.sh</name>
<script>true</script>
<error>true</error>
<testcase>Ssh test for the vm - should fail as no access provided by ingress rule</testcase>
<parameters>
<item getparam="true">
<name>h</name>
<param>vmip</param>
</item>
<item>
<name>p</name>
<value>password</value>
</item>
</parameters>
</command>
<command>
<name>revokeNetworkGroupIngress</name>
<testcase>Revoke The Third Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.131.0/24</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>80</value>
</item>
<item>
<name>startport</name>
<value>80</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<!-- FOURTH INGRESS RULE -->
<command>
<name>authorizeNetworkGroupIngress</name>
<testcase>Add the Fourth Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.130.0/24</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>80</value>
</item>
<item>
<name>startport</name>
<value>80</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<command>
<name>deployVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Deploy a VM with the Network Group Assigned</testcase>
<parameters>
<item getparam="true">
<name>zoneid</name>
<param>globalzoneid</param>
</item>
<item getparam="true">
<name>serviceofferingid</name>
<param>flatnetworkserviceofferingid</param>
</item>
<item getparam="true">
<name>networkgrouplist</name>
<param>networkgrp-1</param>
</item>
<item getparam="true">
<name>templateid</name>
<param>globaltemplateid</param>
</item>
</parameters>
<returnvalue>
<item setparam="true">
<name>id</name>
<param>vmid</param>
</item>
<item setparam="true">
<name>ipaddress</name>
<param>vmip</param>
</item>
</returnvalue>
</command>
<command>
<name>sleep.sh</name>
<script>true</script>
<testcase>Sleep for 2 min</testcase>
<parameters>
<item>
<name>s</name>
<value>120</value>
</item>
</parameters>
</command>
<command>
<name>ssh.sh</name>
<script>true</script>
<error>true</error>
<testcase>Ssh test for the vm - should fail as no access provided by ingress rule</testcase>
<parameters>
<item getparam="true">
<name>h</name>
<param>vmip</param>
</item>
<item>
<name>p</name>
<value>password</value>
</item>
</parameters>
</command>
<command>
<name>revokeNetworkGroupIngress</name>
<testcase>Revoke The Fourth Ingress Rule</testcase>
<parameters>
<item getparam="true">
<name>networkgroupname</name>
<param>networkgrp-1</param>
</item>
<item>
<name>cidrlist</name>
<value>192.168.130.0/24</value> <!-- CHANGE IF REQUIRED -->
</item>
<item>
<name>endport</name>
<value>80</value>
</item>
<item>
<name>startport</name>
<value>80</value>
</item>
<item>
<name>protocol</name>
<value>tcp</value>
</item>
<item getparam="true">
<name>account</name>
<param>accountname</param>
</item>
<item>
<name>domainid</name>
<value>1</value>
</item>
</parameters>
</command>
<!-- Clean Up -->
<command>
<name>deleteNetworkGroup</name>
<usercommand>true</usercommand>
<testcase>Delete First network group</testcase>
<parameters>
<item getparam="true">
<name>name</name>
<param>networkgrp-1</param>
</item>
</parameters>
</command>
<command>
<name>destroyVirtualMachine</name>
<usercommand>true</usercommand>
<testcase>Destroying virtual machine</testcase>
<parameters>
<item getparam="true">
<name>id</name>
<param>vmid</param>
</item>
</parameters>
</command>
<command>
<name>sleep.sh</name>
<script>true</script>
<testcase>Sleep for 2 min</testcase>
<parameters>
<item>
<name>s</name>
<value>120</value>
</item>
</parameters>
</command>
<!-- Delete user as a part of cleanup -->
<command>
<name>deleteUser</name>
<testcase>Deleting the user</testcase>
<parameters>
<item getparam="true">
<name>id</name>
<param>userid</param>
</item>
</parameters>
</command>
</securitygroups>